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The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed' 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )^ Responsive to communication(s) filed on 09 November 2006 . 
2a)E3 This action is FINAL. 2b)d This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) |3 Claim(s) See Continuation Sheet is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) |EI Claim(s) 1-4,6. 7, 9, 10, 13 - 16, 18, 19. 21, 22. 25 - 28. 31 and 33 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 30 March 2000 is/are: a)Q accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)Q None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies. of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) ^ Notice of References Cited (PTO-892) 4) O Interview Summary (PTO-413) 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. " . 

3) O Information Disclosure Statement(s) (PTO/SB/08) 5 ) D Notice of Informal Patent Application 

Paper No(s)/Mail Date . 6) □ Other: . 
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DETAILED ACTION 

1. Claims 1 -4, 6, 7, 9 5 10, 13- 16, 18, 19,21,22,25 -28, 30, 31 and 33 are presented for 
examination. 

Drawings 

2. The drawings are objected to under 37 CFR 1.83(a). The drawings must show every 
feature of the invention specified in the claims. Therefore, the " wherein the state information is 
retrieved from a third server which is different from the client" must be shown or the feature(s) 
canceled from the claim(s). No new matter should be entered. 

Corrected drawing sheets in compliance with 37 CFR 1. 121(d) are required in reply to 
the Office action to avoid abandonment of the application. Any amended replacement drawing 
sheet should include all of the figures appearing on the immediate prior version of the sheet, 
even if only one figure is being amended. The figure or figure number of an amended drawing 
should not be labeled as "amended." If a drawing figure is to be canceled, the appropriate figure 
must be removed from the replacement sheet, and where necessary, the remaining figures must 
be renumbered and appropriate changes made to the brief description of the several views of the 
drawings for consistency. Additional replacement sheets may be necessary to show the 
renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an 
application must be labeled in the top margin as either "Replacement Sheet" or "New Sheet" 
pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will 
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be notified and informed of any required corrective action in the next Office action. The 
objection to the drawings will not be held in abeyance. 

Claim Rejections - 35 (JSC § 112 

3. The following is a quotation of the first paragraph of 35 U.S.C. 1 12: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear,. concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

4. Claims 1 -4,6,7,9, 10, 13- 16, 18, 19,21,22,25-28,30,31 and 33 are rejected under 
35 U.S.C. 1 12, first paragraph, as failing to comply with the written description requirement. 
The claim(s) contains subject matter which was not described in the specification in such a way 
as to reasonably convey to one skilled in the relevant art that the inventor(s), at the time the 
application was filed, had possession of the claimed invention. 

5. Claims 7, 19 and 31 recites the limitation, "checkpointing the updated running message 
digest to a location outside of the first server" is not disclosed in the specification. Applicant is 
asked to point to the specification and drawing to where this limitation can be interpreted as or 
Amend this limitations out. To further clarify rejection, Applicant is asked to point out where in 
the specification this takes place and how one is able to "checkpointing" the updated running 
message digest to locations outside the first server or how it is performed. 
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6. Independent claims 1,13 and 25 recites the limitation, "attempting to retrieve state 
information associated with the session identifier for an active secure communication session 
between the client and a second server, wherein the state information is retrieved from a third 
server which is different from the client ", which does not seem appear in the specification. 
Furthermore, it does not teach when the state information is created and stored on a third server. 
Applicant is asked to explain this while pointing to specific sections in the specification that 
would teach this limitation and implementing it in connection with the other claim limitations of 
the independent claims. 

7. All other dependent claims are rejected for their dependency on the above rejected 
independent claims. 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

9. Claims 1 - 4, 9, 13 - 16, 21 and 25 - 28 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Abramson et al. (6539494) (hereinafter Abramson) in view of Purpura 
(6421768) in further view of Sandhu et al. (6985953) (hereinafter Sandhu). 
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10. As per claim 1, as closely interpreted by the Examiner, Abramson teaches a method for 
sharing a secure communication session with a client between a plurality of servers, comprising: 

1 1 . receiving a message from the client at a first server in the plurality of server, the message 
including a session identifier that identifies a secure communication session with the client, (e.g., 
col. 5, line 31 - col. 6, line 14); and 

12. if the session identifier does not correspond to an active secure communication session on 
the first server, establishing an active secure communication session with the client on the first 
server by, (e.g., col. 5, line 31 - col. 6, line 14), 

13. attempting to retrieve state information associated with the session identifier for an active 
secure communication session between the client and a second server, , wherein the state 
information includes a session encryption key associated with the active secure communication 
session between the client and the second server, wherein the first server is different from the 
second server, (e.g., col. 5, line 31 - col. 6, line 14), 

14. if the state information for the active secure communication session is retrieved, using the 
state information including the encryption keys to share the active secure communication session 
established between the client and the second server for subsequent communications between the 
client and the first server, (e.g., col. 5, line 31 - col. 6, line 14), 

15. if the state information for the active secure communication session is not retrieved, 
communicating with the client to establish the active secure communication session with the 
client,'(e.g., col. 5, line 31 - col. 6, line 14). 
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16. Abramson does not specifically teach without having to set up a new secure 
communication session between the client and the first server, wherein the sate information is 
purged from the second server after the state information is retrieved by the first server; 

17. wherein the state information is retrieved from a third server which is different from the 
client. 

18. Purpura teaches without having to set up a new secure communication session between 
the client and the first server, (e.g., col. 6, lines 12 - 45), wherein the state information is purged 
from the second server after the state information is retrieved by the first server, (e.g., col. 6 5 line 
46 - col. 7, line 21 , "shared key expiration date/time "). It would have been obvious to one of 
ordinary skill in the art at the time the invention was made to combine Purpura with Abramson 
because purging data after a specific amount of time enables the system to free up memory space 
for new sessions that are being created. Furthermore, utilizing SSL in a system is well known in 
the art to enhance security of packet transmission. 

19. Sandhu teaches wherein the state information is retrieved from a third server which is 
different from the client, (e.g., Figure 5 & col. 3, lines 39 - 67, "... also while the data is stored 
on either the server or the client's storage medium. " & col. 10, lines 15 - 28). It would have 
been obvious to one of ordinary skill in the art at the time the invention was made to combine 
Sandhu with the combined inventions of Abramson and Purpura because a server can seal the 
final object which give the client the capability to ensure that the cookie was not tampered with 
during transmission. 
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20. Referencing claim 2, as closely interpreted by the Examiner, Abramson teaches 
attempting to retrieve the state information includes: 

21 . attempting to use the session identifier to identify the second server in the plurality of 
servers that has an active secure communication session with the client that corresponds to the 
session identifier, (e.g., col. 5, line 31 - col. 6, line 14); and 

22. attempting to retrieve the state information from the second server, (e.g., col. 5, line 31 - 
col. 6, line 14). 

23. Referencing claim 3, as closely interpreted by the Examiner, Abramson teaches 
attempting to retrieve the state information involves attempting to retrieve the state information 
from a centralized repository that is in communication with the plurality of servers, (e.g., col. 5, 
line 31 - col. 6, line 14). 

24. Referencing claim 4, as closely interpreted by the Examiner, Abramson teaches the 
centralized repository includes a database for storing the state information, (e.g., col. 3, lines 24 
- 65 & col. 4, lines 5 -17). 

25. Referencing claim 9, as closely interpreted by the Examiner, Abramson teaches initially 
establishing an active secure communication session between the client and the second server, 
the active secure communication session being identified by the session identifier, (e.g., col. 3, 
lines 24 - 65 & col. 4, lines 5-17). 
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26. Claims 13-16, 2 land 25 - 28 are rejected for similar reasons as stated above. 

27. Claims 6, 7, 10, 18, 19, 22, 30, 31 and 33 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Abramson, Purpura and Sandhu as applied to claims 1,13 and 25 above, and 
in further view of Fielder et al. (6105133) (hereinafter Fielder). 

28. As per claim 6, Abramson teaches the state information includes: 

29. the session identifier for the secure communication session, (e.g., col. 3, lines 24 - 65 & 
col. 4, lines 5-17). Abramson does not a running message digest for the secure communication 
session. Fielder teaches a running message digest for the secure communication session, (e.g. 
col. 2, line 60 - col. 3, line 42). It would have been obvious to one skilled in the art at the time 
the invention was made to combine Fielder with the combine inventions of Abramson, Purpura 
and Sandhu because it would make the transferring of information more secure because of the 
functionality of running message digest adding a signature to identify and authenticate the sender 
and message of the transferred information. 

30. As per claim 7, Abramson, Purpura and Sandhu do not teach using the message to update 
the running message digest; and 

31. checkpointing the updated running message digest to a location outside of the first server. 
Fielder teaches using the message to update the running message digest, (e.g. col. 2, line 60 - 
col. 3, line 42); and 
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32. checkpointing the updated running message digest to a location outside of the first server, 
(e.g. col. 2, line 60 - col. 3, line 42). It would have been obvious to one skilled in the art at the 
time the invention was made to combine Fielder with the combine system of Abramson, Purpura 
and Sandhu because it would be more efficient for the message to update the running message 
digest so when a server with new information pertaining to state information occurs, the entire 
network will be able to access this information and utilize it in new secure data transfer, as 
appose to having to send a separate set of information to update the running message digest on 
each device, causing more traffic on the network. 

33. As per claim 10, Abramson, Purpura and Sandhu do not teach attempting to retrieve the 
state information includes authenticating and authorizing the first server. Fielder teaches 
attempting to retrieve the state information includes authenticating and authorizing the first 
server, (e.g. col. 1, lines 31 - 44). It would have been obvious to one skilled in the art at the time 
the invention was made to combine Fielder with the combine system Abramson, Purpura and 
Sandhu because it would make a system more secure if the receiver of the information could be 
authorized to the information by authenticating the information that was sent from the first 
server. Furthermore, it would make the information more difficult for other system to try and 
access the information without having the authentication and authorized access to the 
information. 



34. Claims 18, 19, 22, 30, 31 and 33 are rejected for similar reasons as stated above. 
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Response to Arguments 

35. Applicant's arguments with respect to claims 1 - 4, 6, 7, 9, 10, 13 - 16, 18, 19, 21, 22, 25 
- 28, 30, 31 and 33 have been considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

36. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David E. England whose telephone number is 571-272-3912. 
The examiner can normally be reached on Mon-Thur, 7:00-5:00. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A. Wiley can be reached on 571-272-3923. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



David E. England 
Examiner 
Art Unit 2143 
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